FreeBSD Bugzilla – Attachment 210468 Details for
Bug 241684
autofs: no way to have permissions other than 755 for automounted media
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch to allow custom mount flags via special_media
special_media.diff (text/plain), 2.26 KB, created by
Jason W. Bacon
on 2020-01-05 17:26:12 UTC
(
hide
)
Description:
Patch to allow custom mount flags via special_media
Filename:
MIME Type:
Creator:
Jason W. Bacon
Created:
2020-01-05 17:26:12 UTC
Size:
2.26 KB
patch
obsolete
>--- special_media.orig 2020-01-05 10:10:41.734519000 -0600 >+++ special_media 2020-01-05 11:18:05.678779000 -0600 >@@ -31,6 +31,26 @@ > done > } > >+ >+secure_script() >+{ >+ if [ $(/usr/bin/stat -f "%u" $1) != 0 ]; then >+ printf "Error: $1 must be owned by root.\n" >+ exit 1 >+ fi >+ mode=$(ls -l $1 | awk '{ print $1 }') >+ if [ $(echo $mode | cut -c 1) != '-' ]; then >+ printf "Error: $1 must be a regular file.\n" >+ exit 1 >+ fi >+ if [ $(echo $mode | cut -c 6,9) != '--' ]; then >+ printf "Error: $1 cannot be group or world writable.\n" >+ exit 1 >+ fi >+ return 0 >+} >+ >+ > # Print a single map entry. > print_map_entry() { > local _fstype _p >@@ -38,10 +58,21 @@ > _fstype="$1" > _p="$2" > >+ # Perhaps some of these customizations should be handled by the mount >+ # commands so they don't have to be duplicated in tools that call them >+ # such as autofs? >+ # >+ # Check for root ownership and safe permissions >+ # >+ custom_script="/etc/autofs/${_fstype}-customizations.sh" >+ if secure_script $custom_script; then >+ _custom_flags=$($custom_script) >+ fi >+ > case "${_fstype}" in > "exfat") > if [ -f "/usr/local/sbin/mount.exfat" ]; then >- echo "-mountprog=/usr/local/sbin/mount.exfat,fstype=${_fstype},nosuid :/dev/${_p}" >+ echo "-mountprog=/usr/local/sbin/mount.exfat,fstype=${_fstype},nosuid,${_custom_flags} :/dev/${_p}" > else > /usr/bin/logger -p info -t "special_media[$$]" \ > "Cannot mount ${_fstype} formatted device /dev/${_p}: Install sysutils/fusefs-exfat first" >@@ -50,18 +81,21 @@ > ;; > "ntfs") > if [ -f "/usr/local/bin/ntfs-3g" ]; then >- echo "-mountprog=/usr/local/bin/ntfs-3g,fstype=${_fstype},nosuid :/dev/${_p}" >+ echo "-mountprog=/usr/local/bin/ntfs-3g,fstype=${_fstype},nosuid,${_custom_flags} :/dev/${_p}" > else > /usr/bin/logger -p info -t "special_media[$$]" \ > "Cannot mount ${_fstype} formatted device /dev/${_p}: Install sysutils/fusefs-ntfs first" > exit 1 > fi > ;; >- "ext2fs" | "msdosfs") >- echo "-fstype=${_fstype},nosuid,async :/dev/${_p}" >+ "ext2fs") >+ echo "-fstype=${_fstype},nosuid,async,${_custom_flags} :/dev/${_p}" > ;; >+ "msdosfs") >+ echo "-fstype=${_fstype},nosuid,async,${_custom_flags} :/dev/${_p}" >+ ;; > *) >- echo "-fstype=${_fstype},nosuid :/dev/${_p}" >+ echo "-fstype=${_fstype},nosuid,${_custom_flags} :/dev/${_p}" > ;; > esac > }
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=210468">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 241684
:
209942
|
209943
|
210141
|
210468
|
210469
|
210470